The world's most popular RADIUS Server.Press Releases
- 30 April 2008 - Version 2.0.4 has been released.
The focus of this release is stability.
Feature Improvements
- Allow "virtual_server" in "realm" and "home_server" sections. See raddb/proxy.conf and raddb/sites-available/virtual.example.com.
- Allow "passwd" module to be listed in "accounting" and "post-auth".
- Added "fallback" to "home_server_pool" configuration, to handle the case of all home servers being dead. See raddb/proxy.conf.
- Added sample text to raddb/sites-available/inner-tunnel which can simplify debugging of inner tunnel configurations.
- Added regular expression matching in realm names. See raddb/proxy.conf for examples.
- Added simple DHCP server functionality. For comments, see raddb/sites-available/dhcp.
- Added file globbing capabilities to detail file reader
- Added sample raddb/sites-available/robust-proxy-accounting.
- Clients in SQL can now refer to a virtual server. Patch from Michael Bretterklieber.
- Added some examples of creating RADIUS administrator in SQL, and assigning appropriate access rights.
Bug Fixes
- Install all files in raddb/sites-available.
- Allow non-threaded builds.
- Don't treat '0x' as special for known attributes that are not of type "octets".
- Fix log error in rlm_pap.
- Remove documentation about non-existent functionality.
- Updated warning messages in debug output.
- Fix handling of timeouts in rlm_ldap that affected 64-bit systems. This fix was supposed to go into 2.0.3, but did not make it.
- Fix event handling in debug mode for failed proxy requests.
- Fix memleak in fifos. Closes bug #537.
- Fix memleak on blocked threads. Closes bug #538.
- Perform additional checks on NULL realms. Closes bug #541.
- Fix handling of "clients" in "listen" section.
- When detail file cannot process a packet, sleep for longer to let the rest of the server do something.
- Add missing table to raddb/sql/mssql/schema.sql. Closes bug #545.
- Updated rlm_sql_postgresql to build with PostgreSQL 7.x. Closes bug #533.
- Fix "postauth" of rlm_ldap to look for LDAP-UserDn in the correct place.
- Update rlm_attr_filter for some corner cases. Closes bug #543.
- Fixed memory leak in libfreeradius event handler.
- In the SQL Accounting on/off queries, remove the restriction that the session time had to be zero.
- 17 March 2008 - Version 2.0.3 has been released.
The focus of this release is stability.
Feature Improvements
- Updated raddb/certs/ca.cnf with extensions to allow the ca.der file to be imported as a CA on Symbian and Windows Mobile devices. Closes bug #524.
- Enable multiple matches in the hints file via Fall-Through = Yes. Closes bug #477.
- Added preliminary SQLite driver, contibuted by Apple. Untested, with no sample configuration. This addresses bug #470.
- Updated the logging sub-system so that log messages from libfreeradius can go to the log file, and not stdout.
- Added dictionary.rfc5176 with two new values for the Error-Cause attribute.
- The EAP module now checks for instance name, and uses that for authentication. This avoids the need to set Auth-Type when there are multiple instances of the EAP module.
- Added the Module-Return-Code attribute, which contains the value returned by the previous module (ok/fail/update/etc.).
Bug Fixes
- Corrected typos in rlm_dbm. Closes bug #521 and bug #522.
- Detail file listen sections now work much better.
- Don't allow old log_* to over-ride new format. Closes bug #525
- Initialize allocated memory in Oracle SQL driver. This fixes occasional crashes on some systems. Closes bug #518
- Call correct function in rlm_protocol_filter. This enables the module to build. Closes bug #512.
- Added deprecated flag to build for rlm_krb5. This allows it to run on 64-bit systems. Closes bug #491.
- Corrected error message when parsing invalid configurations so that the server does not crash. Closes bug #527.
- Fix handling of timeouts in rlm_ldap that affected 64-bit systems.
- Handle $INCLUDE's in the instantiate section. Closes bug #528.
- Format updates to man pages from Stephen Gran.
- 5 March 2008 FreeRADIUS Client Version 1.1.6 has been released.
-
- Added dead_time functionality / configuration.
- Merge in fixes and enhancements from 'radiusclient-ng'.
- Improved functionality for embedded operation. In use in FreeSWITCH and OpenSER projects.
- Wrap gethostby*() family of calls with threadsafe variants.
- Change UINT4 to uint32_t, int to size_t, etc.
- Fixed wrong usage of strncat function in several places.
- 14 February 2008 - Version 2.0.2 has been released.
This version corrects a number of flaws in the handling of EAP sessions and detail files. We recommend that all sites using 2.0.x and EAP upgrade to 2.0.2.
Feature Improvements
- Added notes on how to debug the server in radiusd.conf.
- Moved all log_* in radiusd.conf to log{} section, The old configurations are still accepted.
- Added ca.der target in raddb/certs/Makefile. This is needed for importing CA certs into Windows.
- Added ability send raw attributes via Raw-Attribute = 0x0102... This is available only debug builds. It can be used to create invalid packets! Use it with care.
- Permit unlang policies inside of Auth-Type{} sub-sections of the authenticate{} section. This makes some policies easier to implement.
- listen sections can now have type = proxy. This lets you control which IP is used for sending proxied requests.
- Added note on SSL performance to raddb/certs/README
Bug Fixes
- Fixed reading of detail files.
- Allow inner EAP tunneled sessions to be proxied.
- Corrected MySQL schemas.
- syslog now works in log{} section.
- Corrected typo in raddb/certs/client.cnf
- Updated raddb/sites-available/proxy-inner-tunnel to permit authentication to work.
- Ignore zero-length attributes in received packets.
- Correct memcpy when dealing with unknown attributes.
- Corrected debugging messages in attr_rewrite.
- Corrected generation of State attribute in EAP. This fixes the "failed to remember handler" issues.
- Fall back to DEFAULT realm if no realm was found. Based on a patch from Vincent Magnin.
- Updated example raddb/sites-available/proxy-inner-tunnel
- Corrected behavior of attr_filter to match documentation. This is NOT backwards compatible with previous versions! See man rlm_attr_filter for details.
- January 2, 2008 - Version 2.0.1 has been released.
-
Feature Improvements
- Unlang now permits type-specific checks, and requires using strings less often. e.g. if (Framed-IP-Address > 192.168.0.1) { ....
Bug Fixes
- The acct_unique module has been updated to understand the deprecated (but still used) Client-IP-Address attribute.
- The EAP-MSCHAPv2 module no longer leaks MS-CHAP2-Success in packets.
- Fixed crash in the dbm module.
- Corrected parsing of syslog entries in radiusd.conf.
- January 10, 2008 - Version 2.0 has been released.
We are pleased to announce that Version 2.0.4 (sig) has been released. This version is a tremendous step forward in functionality for the server.
Feature Improvements
- simple policy language (see man unlang)
- virtual servers (raddb/sites-available/README)
- IPv6 support
- better proxy support (raddb/proxy.conf)
- More EAP types
- Debugging output should be much easier to understand
- VMPS support
- More modules have been moved to "stable" status (python, etc.)
- SQL configuration has been cleaned up (see raddb/sql/*)
- limited support for HUP. (The configuration for some modules is re-loaded on HUP. Nothing else is reloaded.)
- check configuration and exit (radiusd -C)
- Server core is now event based (simpler, more powerful)
Bug Fixes
- The server re-design has resulted in simple fixes for many issues that were too difficult to correct in Version 1.1.x.